
Asus SL1000 User Manual


Copyright 2006, ASUSTek Computer, Inc.


aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

http server enable

http 192.168.1.10 255.255.255.255 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

sysopt connection permit-ipsec

crypto ipsec transform-set set1 esp-3des esp-sha-hmac

crypto ipsec security-association lifetime seconds 3600

crypto map toSL1000 20 ipsec-isakmp

crypto map toSL1000 20 match address SL1000

crypto map toSL1000 20 set peer 10.64.2.145

crypto map toSL1000 20 set transform-set set1

crypto map toSL1000 interface outside

isakmp enable outside

isakmp key ******** address 10.64.2.145 netmask 255.255.255.0

isakmp identity address

isakmp policy 20 authentication pre-share

isakmp policy 20 encryption 3des

isakmp policy 20 hash sha

isakmp policy 20 group 2

isakmp policy 20 lifetime 3600

telnet timeout 5

ssh timeout 5

console timeout 0

terminal width 80

Cryptochecksum:8213208c43a8ad0a01202a9686af3ed4

Figure 3.2 Verify VPN configurations on the PIX firewall
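The listing in Figure 3.2 can also be checked mechanically. The following is an added example, not part of the ASUS manual or of any vendor tool: it parses the VPN-related lines of the listing and checks that the crypto map, transform set, pre-shared key and interface settings refer to each other consistently, and it collects the ISAKMP policy values for comparison with the SL1000 side. The names parse_vpn and check_vpn and the embedded sample are assumptions made for illustration.

```python
import ipaddress

# Constructed sample: a subset of the VPN lines from the listing above (key masked as on the page).
PIX_CONFIG = """\
crypto ipsec transform-set set1 esp-3des esp-sha-hmac
crypto map toSL1000 20 ipsec-isakmp
crypto map toSL1000 20 match address SL1000
crypto map toSL1000 20 set peer 10.64.2.145
crypto map toSL1000 20 set transform-set set1
crypto map toSL1000 interface outside
isakmp enable outside
isakmp key ******** address 10.64.2.145 netmask 255.255.255.0
isakmp policy 20 authentication pre-share
isakmp policy 20 encryption 3des
isakmp policy 20 hash sha
isakmp policy 20 group 2
"""

def parse_vpn(config):
    """Collect the phase 1 / phase 2 settings that both tunnel ends must agree on."""
    vpn = {"sets": {}, "maps": {}, "map_if": {}, "ike_if": set(), "key_nets": [], "policies": {}}
    for line in config.splitlines():
        w = line.split()
        if w[:3] == ["crypto", "ipsec", "transform-set"]:
            vpn["sets"][w[3]] = w[4:]                      # set name -> transforms
        elif w[:2] == ["crypto", "map"] and w[3:4] == ["interface"]:
            vpn["map_if"][w[2]] = w[4]                     # map name -> interface
        elif w[:2] == ["crypto", "map"] and w[4:5] == ["set"]:
            vpn["maps"].setdefault((w[2], w[3]), {})[w[5]] = w[6]
        elif w[:2] == ["isakmp", "enable"]:
            vpn["ike_if"].add(w[2])
        elif w[:2] == ["isakmp", "key"] and w[3:4] == ["address"]:
            mask = w[6] if len(w) > 6 else "255.255.255.255"
            vpn["key_nets"].append(ipaddress.ip_network(f"{w[4]}/{mask}", strict=False))
        elif w[:2] == ["isakmp", "policy"]:
            vpn["policies"].setdefault(w[2], {})[w[3]] = w[4]
    return vpn

def check_vpn(vpn):
    """Return the inconsistencies found between crypto maps, transform sets, keys and interfaces."""
    problems = []
    for (name, seq), entry in vpn["maps"].items():
        peer, ts = entry.get("peer"), entry.get("transform-set")
        if ts not in vpn["sets"]:
            problems.append(f"{name} {seq}: transform-set {ts} is not defined")
        if peer is None or not any(ipaddress.ip_address(peer) in n for n in vpn["key_nets"]):
            problems.append(f"{name} {seq}: no isakmp key covers peer {peer}")
        if vpn["map_if"].get(name) not in vpn["ike_if"]:
            problems.append(f"{name} {seq}: map is not applied to an isakmp-enabled interface")
    return problems
```

An empty list from check_vpn(parse_vpn(PIX_CONFIG)) means the listing is internally consistent; the values under "policies" and "sets" are the ones that must match the SL1000 end of the tunnel.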